Commit 1038e7d6 authored by Matija Obreza's avatar Matija Obreza

Test if password matches after user is created

parent 4ed845ff
......@@ -40,7 +40,6 @@ import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.transaction.annotation.Transactional;
......@@ -67,8 +66,8 @@ public abstract class BasicUserServiceImpl<R extends GrantedAuthority, T extends
private JpaRepository<T, Long> _repository;
/** The password encoder. */
@Autowired(required = false)
protected final PasswordEncoder passwordEncoder = NoOpPasswordEncoder.getInstance();
@Autowired
protected PasswordEncoder passwordEncoder;
/** The password policy. */
@Autowired(required = false)
......
......@@ -301,7 +301,7 @@ public class CustomAclServiceImpl implements CustomAclService {
*/
@Override
@Transactional(readOnly = true)
@PreAuthorize("returnObject==null or hasRole('ADMINISTRATOR') or hasPermission(#id, #className, 'ADMINISTRATION')")
@PreAuthorize("hasRole('ADMINISTRATOR') or hasPermission(#id, #className, 'ADMINISTRATION')")
public AclObjectIdentity getObjectIdentity(final long id, final String className) {
return aclObjectIdentityPersistence.findByObjectIdAndClassname(id, className);
}
......
......@@ -15,9 +15,7 @@
*/
package org.genesys.blocks.security.component;
import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.greaterThan;
import static org.hamcrest.Matchers.hasSize;
import static org.hamcrest.Matchers.*;
import static org.junit.Assert.assertThat;
import java.util.List;
......@@ -42,6 +40,7 @@ import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.test.context.transaction.AfterTransaction;
import org.springframework.transaction.annotation.Transactional;
......@@ -58,7 +57,9 @@ public class AclAssignerTest extends BaseTest {
private AclEntryPersistence aclEntryPersistence;
@Autowired
private AclObjectIdentityPersistence aclObjectIdentityPersistence;
@Autowired
private PasswordEncoder passwordEncoder;
private TestUser user;
@Override
......@@ -75,6 +76,7 @@ public class AclAssignerTest extends BaseTest {
@Before
public void setupSecurityContext() throws NotUniqueUserException, PasswordPolicyException, UserException {
user = testUserService.createUser(USER_EMAIL, USER_FULLNAME, "password1!", AccountType.LOCAL);
assertThat(passwordEncoder.matches("password1!", user.getPassword()), is(true));
SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(user, "bar"));
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment